Date of Issue: 24/05/2018 Last Update: 24/05/2018
This documentation for online purposes refers to BRILA International as its legal name of Itsuwa Vault Australia Pty Ltd. The usage of Itsuwa Vault Australia Pty Ltd refers solely to BRILA International and not third parties.
Data Processing Addendum
This Data Processing Addendum (“DPA”) forms part of the Itsuwa Vault Australia Pty Ltd. Terms of Service (“Agreement”) Itsuwa Vault Australia Pty Ltd. and the User. The User entered into this DPA on behalf of itself, the purpose of this DPA is to reflect the parties’ agreement with regard to the processing of Personal Data in accordance with the requirements of Data Protection Legislation as defined below.
“Data Protection Legislation” means all applicable legislation relating to data protection and privacy including the EU Data Protection Directive 95/46/EC and 2002/58/EC and any regulations which amend or replace any of them, including the General Data Protection Regulation (GDPR).
“Data Processor”, “Data Controller”, and “Data Subject” shall be interpreted in accordance with applicable Data Protection Legislation.
“Subprocessor” means a third party service engaged by Itsuwa Vault Australia Pty Ltd to process personal data.
“Personal Data” means information relating to an identified or identifiable individual. This includes but not limited to information the User provided in their account and information relating to Clients who engages in a transaction through the User’s website when the online shop and user system is activated.
Terms not otherwise defined here shall have the meaning as set forth in the Agreement.
The Data Protection Officer has currently been appointed to a Itsuwa Vault Australia staff member available for comment at email@example.com and lawful representatives in the European Union.
- Processing of Personal Data
2.1 The parties agree that User is the Data Controller and that Itsuwa Vault Australia Pty Ltd is its Data Processor in relation to Personal Data that is processed in the course of providing the Services. User shall comply at all times with Data Protection Legislation in respect of all personal data it provided to Itsuwa Vault Australia Pty Ltd pursuant to the Agreement.
2.2 Itsuwa Vault Australia Pty Ltd will process the Personal Data as a Data Processor, only for the purpose of providing the Services in accordance with the Agreement or with instructions from the User (including instructions provided through the User’s Account).
2.3 User agrees that the Personal Data will be collected in compliance with Data Protection Legislation, including all legally required consents, approvals and authorizations. Upon Itsuwa Vault Australia Pty Ltd request, User shall provide adequate proof of having properly obtained all such necessary consents, authorizations and required permissions.
2.4 If Itsuwa Vault Australia Pty Ltd is required by law to process the Personal Data for any other purpose, Itsuwa Vault Australia Pty Ltd will provide the User with prior notice of this requirement, unless prohibited by law.
2.5 Itsuwa Vault Australia Pty Ltd may transfer Personal Data away from the location it which it was originally collected (i.e. outside of the EEA), in such case, Itsuwa Vault Australia Pty Ltd will ensure the transfers will be completed in compliance with mechanisms that is recognized under the relevant Data Protection Legislation as providing an adequate level of protection for data transfers.
2.6 Following termination of the Agreement, on the User’s request, Itsuwa Vault Australia Pty Ltd will delete all Personal Data processed, unless it is required by applicable law to retain the Personal Data.
3.1 Itsuwa Vault Australia Pty Ltd will implement and maintain appropriate technical and organizational measures to protect the Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data. These measures shall be appropriate to the harm which might result from any unauthorized or unlawful processing, accidental loss, destruction, damage or theft of Personal Data and appropriate to the nature of the Personal Data which is to be protected.
3.2 Itsuwa Vault Australia Pty Ltd will ensure that all Itsuwa Vault Australia Pty Ltd personnel required to access the personal data are informed of the confidential nature of the personal data and comply with the obligations sets out in this DPA.
3.3 Itsuwa Vault Australia Pty Ltd will notify the User promptly upon becoming aware of and confirming any accidental, unauthorized, or unlawful processing of, the disclosure of, or access to the Personal Data. Itsuwa Vault Australia Pty Ltd will also take action to investigate the incident and reasonably prevent or mitigate the effects of the case.
4.1 Itsuwa Vault Australia Pty Ltd may use Subprocessors to process the Personal Data. The use of Subprocessor to process the Personal Data will be in compliance with Data Protection Legislation and will be governed by a contract between Itsuwa Vault Australia Pty Ltd and Subprocessor.
4.2 Sub processors will be permitted to process personal data only to deliver the services Itsuwa Vault Australia Pty Ltd has requested, and they shall be prohibited from using Personal Data for any other purpose. A list of our current Subprocessors is available upon request by sending an email to firstname.lastname@example.org and also available at the bottom of this document.
4.3 In the case where the sub-processor further engages with other processors to process Personal Data, they will respect the obligations set out in this DPA.
- Information Requests and Audits
5.1 Itsuwa Vault Australia Pty Ltd will promptly notify the User of any complaints, questions or requests received from Data Subjects regarding the Personal Data.
5.2 When applicable, Itsuwa Vault Australia Pty Ltd will assist the User in fulfilling your obligations in relation to Data Subject requests under the applicable Data Protection Legislation, to the extent that the information is available to Itsuwa Vault Australia Pty Ltd and that you cannot otherwise obtain the relevant information. User shall be solely responsible for responding to any Data Subjects’ requests and user shall reimburse Itsuwa Vault Australia Pty Ltd for the costs arising from this assistance.
5.3 Upon request, Itsuwa Vault Australia Pty Ltd will provide all reasonable assistance to the User in respect to exercising its audit rights. Given the purpose of the audit is to verify the Processing of personal data in accordance with this DPA. Prior to the audit, parties will agree on the duration and scope. The request from Users in this aspect shall be reasonable to the extent required by the Data Protection Legislation and Users will be responsible for any cost incurred with regards to the resources and time spent by Itsuwa Vault Australia Pty Ltd.
5.4 Upon your written request, Itsuwa Vault Australia Pty Ltd will destroy all Personal Data in its possession or return the Personal Data to User, as requested. This requirement will not apply to the extent Itsuwa Vault Australia Pty Ltd is required by applicable law to retain some or all of the User’s Data. User Data on backup servers is protected from any further processing, except to the extent required by applicable law.
6.1 This DPA only applies where the Personal Data originates from the EEA or is otherwise subject to the Data Protection Legislation through the process of Personal Data during the course of providing Services to the User.
6.2 The terms of this Addendum shall be governed by and interpreted in accordance with the laws of GDPR applicable therein, without regard to principles of conflicts of laws.
6.3 In the event of any conflict or inconsistency between the terms of the Agreement and this DPA, the provisions of this DPA shall prevail. This DPA might be amended from time to time. Any claims brought under this DPA will be subject to the same terms and conditions, including the exclusions and limitations of liability, as are set out in the Agreement.
Your privacy is critically important to us. At Itsuwa Vault Australia we have a few fundamental principles:
We don’t ask you for personal information unless we truly need it.
We don’t share your personal information with anyone except to comply with the law or protect our rights.
We don’t store personal information on our servers unless required for the on-going operation of one of our services.
In our service, we aim to make it as simple as possible for you to control what’s visible to the public, seen by search engines, kept private, and permanently deleted.
If you have questions about accessing or correcting your personal data, please contact us via our email address: email@example.com
It is our policy to respect your privacy regarding any information we may collect while operating our website.
Itsuwa Vault Australia then use Google Analytics statistics and information to help better segment Google Adwords advertisements and keywords to individuals looking at products or information in our industry.
Itsuwa Vault Australia Pty Ltd uses the contact information in the contact form to be able to contact potential clients and undertake general business activities if an inquiry is sent to us through the filled out form.
Itsuwa Vault Australia Pty Ltd uses social media channels including Facebook, Youtube, Linkedin and Instagram that may allow us to collect anonymous data of website referrals and anonymous social analytics. This data is segmented from a created list of suggesting audience demographics and interests to cater advertisements accordingly.
Itsuwa Vault Australia Pty Ltd also collects potentially personally-identifying information like Internet Protocol (IP) addresses for logged in users and for users leaving comments on Itsuwa Vault Australia Pty Ltd’s blog. Itsuwa Vault Australia Pty Ltd never discloses logged in user and commenter IP addresses. IP addresses are only visible and disclosed to the administrators of the blog where the comment was left.
Gathering of Personally-Identifying Information
Certain visitors to Itsuwa Vault Australia Pty Ltd websites choose to interact with Itsuwa Vault Australia Pty Ltd in ways that require Itsuwa Vault Australia Pty Ltd to gather personally-identifying information. The amount and type of information that Itsuwa Vault Australia Pty Ltd gathers depend on the nature of the interaction. For example, we ask visitors who sign up for a blog to provide a username and in some cases, an email address. When filling out the contact form, customers are asked to provide a name, email address, and telephone number as well as the message. In each case, Itsuwa Vault Australia Pty Ltd collects such information only insofar as is necessary or appropriate to fulfil the purpose of the visitor’s interaction with Itsuwa Vault Australia Pty Ltd. Itsuwa Vault Australia Pty Ltd does not disclose personally-identifying information.
We use an encryption system on our website servers, which means that all data sent via the submitted form is only visible to Itsuwa Vault Australia Pty Ltd. This helps to protect online users against hackers, who try to steal users’ information.
Itsuwa Vault Australia Pty Ltd does not store personally-identifying information on its servers.
Itsuwa Vault Australia Pty Ltd acknowledges that all individuals have the right to access the personal information/data that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to firstname.lastname@example.org
If requested to remove data, we will respond within a reasonable timeframe, not to exceed 30 days..
Protection of Certain Personally-Identifying Information
Itsuwa Vault Australia Pty Ltd discloses potentially personally-identifying and personally-identifying information only to those of its employees, contractors and affiliated organisations that (a) need to know that information in order to process it on Itsuwa Vault Australia Pty Ltd behalf or to provide services available at Itsuwa Vault Australia Pty Ltd websites, and (b) that have agreed not to disclose it to others.
Itsuwa Vault Australia Pty Ltd will only disclose potentially personally-identifying only when required to do so by law, or when BRILA believes in good faith that disclosure is reasonably necessary to protect the property or rights of BRILA, third parties or the public at large.
Itsuwa Vault Australia Pty Ltd uses social media content of its network and tags them accordingly to give credit or hide business/personal information on a request for this matter.
If Itsuwa Vault Australia Pty Ltd holds personally-identifying information, Itsuwa Vault Australia Pty Ltd may occasionally send you an email to tell you about new services, get your feedback, or just keep you up to date with what’s going on with BRILA. We expect to keep this type of email to a minimum.
BRILA takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information. Itsuwa Vault Australia Pty Ltd constantly scrutinises its data policy agreement and practices to ensure that all personal data is safe & secure when collected if necessary.
We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
We currently use Facebook Connect to link our social media accounts to our website that tracks user data anonymously.
Our website also uses request management by third-party apps that are compliant with Google & Facebook Privacy & Data Policies.
Our cookies are GDPR Compliant and can be matched accordingly here:
If you would like to contact BRILA about this statement or have any concerns about our data handling policies please email us directly at email@example.com and we will respond to you in due course. If a data breach occurs or anything of that nature a notification will be sent out to all person/s globally that it has occurred within 72 hours. We aim to provide clarity and a quick response in protecting and controlling personal data.
Changes Coming Soon:
Itsuwa Vault Australia Pty Ltd will be implementing an optional e-newsletter for website visitors/clients to signup to stay in touch with the business on consent.
Itsuwa Vault Australia Pty Ltd will be potentially collecting data to track Media Kit Downloads if the individual gives consent for us to do this otherwise they may download it without inputting personal information.
Itsuwa Vault Australia Pty Ltd will be ensuring that it adds a new permission process when gathering social media images/consent from third party users at an appropriate stage when BRILA deems necessary.
Itsuwa Vault Australia Pty Ltd uses Google Analytics to collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. Itsuwa Vault Australia Pty Ltd purpose in collecting non-personally identifying information is to better understand how Itsuwa Vault Australia Pty Ltd visitors use its website.
Itsuwa Vault Australia Pty Ltd will be creating an online software/detailer login system for invited clients that will entail a user licence agreement and permission of data storage.
This system will also collect end user information to track sales information and allow us to put in place a maintenance/re-application reminder service so that clients vehicles are protected by BRILA paint protection. This will only be accessible to Itsuwa Vault Australia Pty Ltd and BRILA Staff Members and Authorised Point Of Contact.
Information on our third-party plugins please click on the links below:
WP File Manager – Security checker https://wordpress.org/plugins/plugin-security-checker/ or https://www.joomunited.com/privacy-policy
Wordfence – https://www.wordfence.com/terms-of-use-and-privacy-policy/ or https://www.wordfence.com/privacy-policy/
WooCommerce Stripe Gateway – AU – https://stripe.com/au/privacy or https://woocommerce.com/terms-conditions/?_ga=2.259365130.1656872524.1527125740-1278373150.1527125740
Woocommerce product slider – https://wpbakery.com/privacy-policy/
Woo Commerce Paypal Express Check out Gateway – https://www.paypal.com/au/webapps/mpp/ua/privacy-full or https://woocommerce.com/terms-conditions/
Custom Css and JS – https://www.silkypress.com/privacy-policy/
UpdraftPlus – Backup/Restore – https://updraftplus.com/data-protection-and-privacy-centre/
Theme Check – http://ottopress.com/ – none
String Locator – https://www.clorith.net/ – none
Restricted site access – https://10up.com/contact/ – none
Popup Maker – https://popupmaker.com/privacy/
Multilanguage by BestWebSoft – https://bestwebsoft.com/privacy-policy/
Jetpack by WordPress.com – https://automattic.com/privacy/
Image Hover Effects CSS3 – http://www.topdigitaltrends.net/privacy-policy/
Ideal Interactive Maps
Hello Dolly GitHub – https://help.github.com/articles/github-privacy-statement/
Google Analytics Dashboard for WP (GADWP) – https://exactmetrics.com/privacy-policy/
File Manager – http://giribaz.com/terms-and-conditions/
Duplicator – https://snapcreek.com/privacy-policy/
Cookie Law Info – https://www.webtoffee.com/privacy-policy/
Contact Form 7 – https://contactform7.com/privacy-policy/
Autoptimize – https://autoptimize.com/en/terms-of-service/
Animate It! – https://www.eleopard.in/privacy-policy
All-in-One WP Migration – https://www.iubenda.com/privacy-policy/715803
All In One SEO Pack – https://semperplugins.com/terms/
Akismet Anti-Spam – https://automattic.com/privacy/
Advanced Custom Fields – https://www.advancedcustomfields.com/privacy-policy/
Associated Website Privacy Policies:
Facebook Data Policy: https://www.facebook.com/policy.php
Instagram Data Policy: https://help.instagram.com/519522125107875
HTML5 Maps: https://www.fla-shop.com/privacy.php
We constantly update and ensure that our third-party information is as accurate as possible.